Under the GDPR, all personal data that is being transferred lawfully, must have the correct security applied to it. Wizuda addresses this as follows;
1. Encryption by Default
Built with privacy by design, Wizuda encrypts all mails and attachments by default, using AES-256 bit encryption.
2. Recipient Authentication
All recipients have to be verified in order to access the data you sent them, including user registration and multi-factor authentication options. See here for further details.
We’ve all done it, typed in the first few letters of the recipient’s email address, it autocompletes the rest, we press send and then realise it’s gone to the wrong person!!!
Horror strikes! We know recall doesn’t work, if anything, it piques people’s interest in the email.
With no way of truly retracting it or being able to tell if they have read or downloaded it, we have to report the potential data breach to the Supervisory Authority within 72 hours.
1. Recipient Verification
It may sound simple, but simply being automatically prompted to verify the list of recipients in a vertical display, highlights incorrect domains and has been proven to prevent such manual errors.
2. Email Retraction
Wizuda includes the ability to instantly retract a mail so if the recipients try to access it from this point onwards they will get a notification to say ‘this data is no longer accessible’.
As the sender, you can also see if any of the recipients read or viewed/downloaded the attachments prior to it being retracted, and if a data breach actually occurred. With other software, you don’t have this visibility, and therefore have to report a potential data breach under GDPR.
3. Authorisation Flows
Wizuda software includes the option to send emails with sensitive content on to an authorised user for approval, prior to it being sent. This provides another layer of protection in preventing data from being sent to the wrong person.
4. Domain List Management
With Wizuda’s domain list management, you can prevent data from going to certain domains from country level to specific email addresses.
Failing to BCC recipients is another common data breach. This can have devasting effects as we saw in the UK which resulted in the ICO issuing a fine of £200k pre-GDPR – see here for further details.
Wizuda addresses this in several ways;
1. BCC by Default
Built with Privacy by Design, Wizuda comes with various default settings whereby you can set all mails to be ‘BCC by default’. Even if ‘BCC by default’ isn’t selected, Wizuda will alert you that BCC hasn’t been enabled, thus minimising this risk significantly.
1. Granular Permission Levels
With Wizuda, you can lock down access to data with our granular permission levels which can be set by an administrator. Such permissions can be set at an organisational, departmental or individual user level.
2. Full Audit Logs
Audit logs are provided by default, enabling the authorised personnel to see all activities within the system. This includes when mails and attachments were read and downloaded and by whom.
